Sync local AD passwords to Azure AD

aristosva 6 Reputation points
2022-12-16T11:20:46.09+00:00

I need to synchronize the local Active Directory passwords with Azure AD passwords at regular intervals.

  • On the local Active Directory I have Administrative rights under a specific OU only.
  • On Azure Active Directory I have full Administrative rights.

I've looked into Azure AD Connect, but it requires an Enterprise Admin account for the local Active Directory.

So I need to somehow use my admin rights, under the specific OU I have access on, to synchronize the user's passwords to Azure AD.

I'd prefer using PowerShell, so I can schedule it to run regularly, but any suggestions are welcome.

Thanks


4 answers

  1. Daniel Bradley 1,066 Reputation points MVP
    2022-12-16T11:46:52.983+00:00

    Hi @aristosva

    The only solution here is to install Azure AD Connect, which will require Enterprise admin rights (as you already know).

    As this is a strategic business change, it would be best you make the request to the relevant people so they can either:

    • Provide you the relevant permissions
    • Perform the install and setup themselves

    Unfortunately there is no way around this.

    Kind regards
    Daniel


  2. aristosva 6 Reputation points
    2022-12-16T12:22:24.99+00:00

    Keep in mind that I am only trying to sync the passwords of the users under the OU that I have admin rights on.

    Since I already have admin rights under that OU, isn't there a way I can pull information and push it to Azure AD?


  3. Limitless Technology 44,766 Reputation points
    2022-12-19T09:18:15.2+00:00

    Hello there,

    You can use the PowerShell cmdlets given in the below stocks to force the synchronization of passwords between local AD and Azure AD. The password sync time interval in AD Connect is 2 minutes. You may need to force password sync with Azure AD Connect.

    Synchronization of legacy password hashes to Azure AD may take some time and depends on directory size in terms of number of accounts and groups. Once completed, the passwords are synchronized to Azure AD, followed by syncing to the Azure AD DS managed domain.

    How to Force a Full Password Sync in AzureAD Connect: https://techcommunity.microsoft.com/t5/itops-talk-blog/powershell-basics-how-to-force-a-full-password-sync-in-azuread/ba-p/900063

    Hope this resolves your query!

    --If the reply is helpful, please Upvote and Accept it as an answer--

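The forced full password hash sync that the answer above refers to, as an added example that is not part of the original post: it must be run elevated on a server where Azure AD Connect is already installed (so it does not remove the Enterprise Admin requirement raised in the question), the two connector names are placeholders to replace with your own, and it checks that both connectors exist before changing anything.

```powershell
# Added example (not from the original post). Assumes: elevated session on the
# Azure AD Connect server, ADSync module present, connector names replaced.
Import-Module ADSync

$adConnector  = "contoso.com"                    # placeholder: on-prem AD connector name
$aadConnector = "contoso.onmicrosoft.com - AAD"  # placeholder: Azure AD connector name

# Sanity check: stop before touching configuration if a connector name is wrong.
$known = (Get-ADSyncConnector).Name
foreach ($n in @($adConnector, $aadConnector)) {
    if ($known -notcontains $n) {
        throw "Connector '$n' not found. Known connectors: $($known -join ', ')"
    }
}

# Flag the on-prem AD connector so the next password sync cycle is a full one.
$c = Get-ADSyncConnector -Name $adConnector
$p = New-Object Microsoft.IdentityManagement.PowerShell.ObjectModel.ConfigurationParameter `
        "Microsoft.Synchronize.ForceFullPasswordSync", String, ConnectorGlobal, $null, $null, $null
$p.Value = 1
$c.GlobalParameters.Remove($p.Name) | Out-Null
$c.GlobalParameters.Add($p)
$c = Add-ADSyncConnector -Connector $c

# Toggling password hash sync off and back on triggers the full sync.
Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $false
Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $true

# Verify sync is enabled again, then watch the Application log: the
# "Directory Synchronization" provider logs 656 (change request) and 657 (result).
Get-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector
Get-WinEvent -LogName Application -MaxEvents 200 |
    Where-Object { $_.ProviderName -eq 'Directory Synchronization' -and $_.Id -in 656, 657 } |
    Select-Object TimeCreated, Id, Message
```

Only accounts inside the OUs selected in the connector's filtering are synced, so a scoped OU can be covered this way once an administrator with sufficient rights has installed and configured the connector.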

  4. aristosva 6 Reputation points
    2022-12-19T09:53:05.657+00:00

    @Limitless Technology as I mentioned I can't use Azure AD Connect because it requires Enterprise Admin rights on the local AD.
